RSS

How-To Geek

Most people know that .exe files are potentially dangerous, but that isn’t the only file extension to beware of on Windows. There are a variety of other potentially dangerous file extensions – more than you might expect.

So Why Would I Want to Know Which Files are Dangerous?

It’s important to know which file extensions are potentially dangerous when deciding whether a file attached to an email or downloaded from the web is safe to open. Even screen saver files can be dangerous on Windows.

When you encounter one of these files, you should take extra care to make sure that you are protected. Scan with your preferred anti-virus product, or even upload it to a service like VirusTotal to make sure that there aren’t any viruses or malware.

Obviously you should always have your anti-virus software running and active, and protecting you in the background — but knowing more about some uncommon file extensions can be useful in preventing something bad from happening.

Why is a File Extension Potentially Dangerous?

These file extensions are potentially dangerous because they can contain code or execute arbitrary commands. An .exe file is potentially dangerous because it’s a program that can do anything (within the limits of Windows’ User Account Control feature). Media files – like .JPEG images and .MP3 music files – are not dangerous because they can’t contain code.(There have been some cases where a maliciously crafted image or other media file can exploit a vulnerability in a viewer application, but these cases are rare and are patched quickly.)

With that in mind, it’s important to know just what types of files can contain code, scripts, and other potentially dangerous things.

Programs

.EXE – An executable program file. Most of the applications running on Windows are .exe files.

.PIF – A program information file for MS-DOS programs. While .PIF files aren’t supposed to contain executable code, Windows will treat .PIFs the same as .EXE files if they contain executable code.

Shortcuts

.LNK – A link to a program on your computer. A link file could potentially contain command-line attributes that do dangerous things, such as deleting files without asking.

.INF – A text file used by AutoRun. If run, this file could potentially launch dangerous applications it came with or pass dangerous options to programs included with Windows.

Other

.REG – A Windows registry file. .REG files contain a list of registry entries that will be added or removed if you run them. A malicious .REG file could remove important information from your registry, replace it with junk data, or add malicious data.

Office Macros

.DOCM, .DOTM, .XLSM, .XLTM, .XLAM, .PPTM, .POTM, .PPAM, .PPSM, .SLDM – New file extensions introduced in Office 2007. The M at the end of the file extension indicates that the document contains Macros. For example, a .DOCX file contains no macros, while a .DOCM file can contain macros.

This isn’t an exhaustive list. There are other types of file extensions – like .PDF – that have had a string of security problems. However, for most of the file types above, there’s just no securing them. They exist to run arbitrary code or commands on your computer.

GEEK TRIVIA

DID YOU KNOW?

While commanding the lunar orbiter Endeavour, astronaut Alfred Worden had the distinction of being the most isolated human being ever–he was 2,235 miles away from the astronauts on the surface of the moon and 200,000 miles away from Earth.